On Wed, 2 Apr 2025 07:33:10 -0700 (PDT) Frank Liu <f...@tiger.openqnx.com> wrote:
> Is it possible to configure ocserv to filter the client certificate? I don't see that feature, although I'm a user and may not have the latest version installed. > eg: only allow the connecting the CN of the client certificate ending > with mytrusted.domain.com? matching certain regex filtering rules Or > running a script to further process the certificate based > authentication, such as what openvpn has: > https://github.com/OpenVPN/openvpn/blob/master/sample/sample-scripts/verify-cn What is the use-case for this? Why is specifying a certificate authority cert to do the client cert validation not enough? (Just curious.) Regards, Karl <k...@karlpinc.com> Free Software: "You don't pay back, you pay forward." -- Robert A. Heinlein _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
